From 06a45637e5a8274c56d6c9a2b6633dcbc4f46a53 Mon Sep 17 00:00:00 2001
From: Jiří Popelka
Date: Jun 29 2010 10:25:04 +0000
Subject: - Fix parsing of date (#514828)
---
diff --git a/dhcp-4.1.1-P1-parse_date.patch b/dhcp-4.1.1-P1-parse_date.patch
new file mode 100644
index 0000000..4fef7ae
--- /dev/null
+++ b/dhcp-4.1.1-P1-parse_date.patch
@@ -0,0 +1,207 @@ +diff -up dhcp-4.1.1-P1/common/parse.c.parse_date dhcp-4.1.1-P1/common/parse.c +--- dhcp-4.1.1-P1/common/parse.c.parse_date 2010-06-11 14:25:10.000000000 +0200 ++++ dhcp-4.1.1-P1/common/parse.c 2010-06-11 15:00:08.000000000 +0200 +@@ -913,48 +913,46 @@ parse_date_core(cfile) + 212, 243, 273, 304, 334 }; + + /* Day of week, or "never"... */ +- token = next_token (&val, (unsigned *)0, cfile); ++ token = peek_token (&val, (unsigned *)0, cfile); + if (token == NEVER) { +- if (!parse_semi (cfile)) +- return 0; ++ next_token (&val, (unsigned *)0, cfile); /* consume NEVER*/ + return MAX_TIME; + } + + /* This indicates 'local' time format. */ + if (token == EPOCH) { +- token = next_token(&val, NULL, cfile); +- ++ next_token(&val, (unsigned *)0, cfile); /* consume EPOCH */ ++ token = peek_token (&val, (unsigned *)0, cfile); + if (token != NUMBER) { + parse_warn(cfile, "Seconds since epoch expected."); + if (token != SEMI) +- skip_to_semi(cfile); ++ next_token(&val, (unsigned *)0, cfile); + return (TIME)0; + } ++ next_token(&val, (unsigned *)0, cfile); /* consume seconds */ + + guess = atoi(val); +- +- if (!parse_semi(cfile)) +- return (TIME)0; +- + return guess; + } + + if (token != NUMBER) { + parse_warn (cfile, "numeric day of week expected."); + if (token != SEMI) +- skip_to_semi (cfile); ++ next_token(&val, (unsigned *)0, cfile); + return (TIME)0; + } ++ next_token(&val, (unsigned *)0, cfile); /* consume day of week */ + wday = atoi (val); + + /* Year... */ +- token = next_token (&val, (unsigned *)0, cfile); ++ token = peek_token (&val, (unsigned *)0, cfile); + if (token != NUMBER) { + parse_warn (cfile, "numeric year expected."); + if (token != SEMI) +- skip_to_semi (cfile); ++ next_token(&val, (unsigned *)0, cfile); + return (TIME)0; + } ++ next_token(&val, (unsigned *)0, cfile); /* consume Year*/ + + /* Note: the following is not a Y2K bug - it's a Y1.9K bug. 
Until + somebody invents a time machine, I think we can safely disregard +@@ -965,101 +963,113 @@ parse_date_core(cfile) + year -= 1900; + + /* Slash separating year from month... */ +- token = next_token (&val, (unsigned *)0, cfile); ++ token = peek_token (&val, (unsigned *)0, cfile); + if (token != SLASH) { + parse_warn (cfile, + "expected slash separating year from month."); + if (token != SEMI) +- skip_to_semi (cfile); ++ next_token(&val, (unsigned *)0, cfile); + return (TIME)0; + } ++ token = next_token(&val, (unsigned *)0, cfile); /* consume SLASH */ + + /* Month... */ +- token = next_token (&val, (unsigned *)0, cfile); ++ token = peek_token (&val, (unsigned *)0, cfile); + if (token != NUMBER) { + parse_warn (cfile, "numeric month expected."); + if (token != SEMI) +- skip_to_semi (cfile); ++ next_token(&val, (unsigned *)0, cfile); + return (TIME)0; + } ++ next_token(&val, (unsigned *)0, cfile); /* consume Month */ + mon = atoi (val) - 1; + + /* Slash separating month from day... */ +- token = next_token (&val, (unsigned *)0, cfile); ++ token = peek_token (&val, (unsigned *)0, cfile); + if (token != SLASH) { + parse_warn (cfile, + "expected slash separating month from day."); + if (token != SEMI) +- skip_to_semi (cfile); ++ next_token(&val, (unsigned *)0, cfile); + return (TIME)0; + } ++ next_token(&val, (unsigned *)0, cfile); /* consume SLASH */ + + /* Day of month... */ +- token = next_token (&val, (unsigned *)0, cfile); ++ token = peek_token (&val, (unsigned *)0, cfile); + if (token != NUMBER) { + parse_warn (cfile, "numeric day of month expected."); + if (token != SEMI) +- skip_to_semi (cfile); ++ next_token(&val, (unsigned *)0, cfile); + return (TIME)0; + } ++ next_token(&val, (unsigned *)0, cfile); /* consume Day of month */ + mday = atoi (val); + + /* Hour... 
*/ +- token = next_token (&val, (unsigned *)0, cfile); ++ token = peek_token (&val, (unsigned *)0, cfile); + if (token != NUMBER) { + parse_warn (cfile, "numeric hour expected."); + if (token != SEMI) +- skip_to_semi (cfile); ++ next_token(&val, (unsigned *)0, cfile); + return (TIME)0; + } ++ next_token(&val, (unsigned *)0, cfile); /* consume Hour */ + hour = atoi (val); + + /* Colon separating hour from minute... */ +- token = next_token (&val, (unsigned *)0, cfile); ++ token = peek_token (&val, (unsigned *)0, cfile); + if (token != COLON) { + parse_warn (cfile, + "expected colon separating hour from minute."); + if (token != SEMI) +- skip_to_semi (cfile); ++ next_token(&val, (unsigned *)0, cfile); + return (TIME)0; + } ++ next_token(&val, (unsigned *)0, cfile); /* consume Colon */ + + /* Minute... */ +- token = next_token (&val, (unsigned *)0, cfile); ++ token = peek_token (&val, (unsigned *)0, cfile); + if (token != NUMBER) { + parse_warn (cfile, "numeric minute expected."); + if (token != SEMI) +- skip_to_semi (cfile); ++ next_token(&val, (unsigned *)0, cfile); + return (TIME)0; + } ++ next_token(&val, (unsigned *)0, cfile); /* consume Minute */ + min = atoi (val); + + /* Colon separating minute from second... */ +- token = next_token (&val, (unsigned *)0, cfile); ++ token = peek_token (&val, (unsigned *)0, cfile); + if (token != COLON) { + parse_warn (cfile, + "expected colon separating minute from second."); + if (token != SEMI) +- skip_to_semi (cfile); ++ next_token(&val, (unsigned *)0, cfile); + return (TIME)0; + } ++ next_token(&val, (unsigned *)0, cfile); /* consume Colon */ + + /* Second... 
*/ +- token = next_token (&val, (unsigned *)0, cfile); ++ token = peek_token (&val, (unsigned *)0, cfile); + if (token != NUMBER) { + parse_warn (cfile, "numeric second expected."); + if (token != SEMI) +- skip_to_semi (cfile); ++ next_token(&val, (unsigned *)0, cfile); + return (TIME)0; + } ++ next_token(&val, (unsigned *)0, cfile); /* consume Second */ + sec = atoi (val); + ++ tzoff = 0; + token = peek_token (&val, (unsigned *)0, cfile); + if (token == NUMBER) { +- token = next_token (&val, (unsigned *)0, cfile); ++ next_token (&val, (unsigned *)0, cfile); /* consume tzoff */ + tzoff = atoi (val); +- } else +- tzoff = 0; ++ } else if (token != SEMI) { ++ parse_warn (cfile, "Time zone offset or semicolon expected."); ++ next_token (&val, (unsigned *)0, cfile); ++ } + + /* Guess the time value... */ + guess = ((((((365 * (year - 70) + /* Days in years since '70 */ +@@ -1095,7 +1105,7 @@ parse_date(cfile) + + /* Make sure the date ends in a semicolon... */ + if (!parse_semi(cfile)) +- return 0; ++ return (TIME)0; + return guess; + } + diff --git a/dhcp.spec b/dhcp.spec index 03f11fa..ac8e649 100644 --- a/dhcp.spec +++ b/dhcp.spec @@ -15,7 +15,7 @@ Summary: Dynamic host configuration protocol software Name: dhcp Version: 4.1.1 -Release: 22.%{patchver}%{?dist} +Release: 23.%{patchver}%{?dist} # NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to # dcantrell maintaining the package) made incorrect use of the epoch and # that's why it is at 12 now. It should have never been used, but it was. @@ -61,6 +61,7 @@ Patch23: %{name}-4.1.1-sendDecline.patch Patch24: %{name}-4.1.1-retransmission.patch Patch25: %{name}-4.1.1-release6-elapsed.patch Patch26: %{name}-4.1.1-initialization-delay.patch +Patch27: %{name}-4.1.1-P1-parse_date.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: autoconf 
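Review bot: The new `else if (token != SEMI)` branch after the seconds field warns "Time zone offset or semicolon expected." and consumes the stray token, but unlike every other error path in this patch it does not return. parse_date_core therefore goes on to compute `guess` with `tzoff = 0` and returns a normal-looking timestamp for a malformed date. Adding `return (TIME)0;` after that `next_token (&val, (unsigned *)0, cfile);` would keep the failure handling uniform, so that a date with trailing garbage is rejected rather than accepted with a plausible time. Separately, the fields are still converted with `atoi (val)`, and no range check is visible here for `mon`, `mday`, `hour`, `min` or `sec`. The body of parse_date_core starts and ends outside these hunks, so validation may exist there; if it does not, out-of-range values would flow into the time arithmetic unchecked.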
@@ -238,6 +239,10 @@ libdhcpctl and libomapi static libraries are also included in this package. # Cut down the 0-4 second delay before sending first DHCPDISCOVER (#587070) %patch26 -p1 -b .initialization-delay +# Fix parsing of date (#514828) +# (Submitted to dhcp-bugs@isc.org - [ISC-Bugs #21501]) +%patch27 -p1 -b .parse_date + # Copy in documentation and example scripts for LDAP patch to dhcpd %{__install} -p -m 0755 ldap-for-dhcp-%{ldappatchver}/dhcpd-conf-to-ldap contrib/ @@ -520,8 +525,12 @@ fi %attr(0644,root,root) %{_mandir}/man3/omapi.3.gz %changelog +* Tue Jun 29 2010 Jiri Popelka - 12:4.1.1-23.P1 +- Fix parsing of date (#514828) + * Wed Jun 03 2010 Jiri Popelka - 12:4.1.1-22.P1 - 4.1.1-P1 (pair of bug fixes including one for a security related bug). +- Fix for CVE-2010-2156 (#601405) - Compile with -fno-strict-aliasing - N-V-R (copied from bind.spec): Name-Version-Release.Patch.dist